easylogger | 798fafd34288fe8439dfd609d2599f234c6cf63b047f032d872d228f951c87ae

Analysis

max time kernel
8s
max time network
151s
platform
android_x64
resource
android-x64-20240221-en
resource tags

androidarch:x64arch:x86image:android-x64-20240221-enlocale:en-usos:android-10-x64system
submitted
17-04-2024 01:57

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

798fafd34288fe8439dfd609d2599f234c6cf63b047f032d872d228f951c87ae.apk
Size

5.8MB
MD5

1398c9c6999be6f56f2364ec680f8557
SHA1

396c173b4c084afc3a2c89044ffa42a3f0e4dad4
SHA256

798fafd34288fe8439dfd609d2599f234c6cf63b047f032d872d228f951c87ae
SHA512

49ae3724b60f40ac3646a44164fd6879480d895e1096825f484d63d286b5c5b8f2557bdf752f746651504bd038bf9e93dfe7400977e2bd6ba24576843b3393dc
SSDEEP

98304:BUlRb+MDHwasxU19o7SDWNYbM2Wlghs4DqHvSse0EpO9X0xUCd7Mmp3/U5uaMA:CKhdU1xWlQDuSsGA9X097MaPUo/A

Score

10^/10

easylogger banker discovery evasion infostealer spyware trojan

Malware Config

Signatures

EasyLogger
EasyLogger is an Android stalkerware.
trojan infostealer spyware easylogger
Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps) 1 TTPs
banker discovery

Security Software Discovery
T1418.001

Checks memory information 2 TTPs 1 IoCs

Checks memory information which indicate if the system is an emulator.

evasion discovery

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/meminfo	app.EasyLogger

Acquires the wake lock 1 IoCs

description	ioc	Process
Framework service call	android.os.IPowerManager.acquireWakeLock	app.EasyLogger

Checks the presence of a debugger
evasion

app.EasyLogger
1⤵
- Checks memory information
- Acquires the wake lock
PID:5090

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

T1633

System Checks

T1633.001

Credential Access

Discovery

Software Discovery

T1418

Security Software Discovery

T1418.001

System Information Discovery

T1426

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/app.EasyLogger/cache/volley/-1201570017-1616341492

Filesize
1KB

MD5
3460eef8eba81b88a144401928b2988e

SHA1
f116b49985302a49d6f432558df0e35e749c5990

SHA256
2ea4dfcb73211b28c1d43e0467bb8077de9f61654455fff1d318bf5ea3e94f81

SHA512
d4320d496c223140cec80cb6b4cb525a207f74d87de20ab2159789ebe5b113fd85d02ebfa2755eba0a330ae33dfed9a329fedd014715fe5a45b1f600d07a0b67

Download Submit
/data/data/app.EasyLogger/cache/volley/-1201570017-1616341492

Filesize
1KB

MD5
0c49b87479bb5c34e0e0a8f367c0e0fd

SHA1
b328fdea60917b56431b45a109919e471fa1526e

SHA256
ec726a70868e91a849a5a7fc9a50d3915955d345aebb25b201b621dca6b731d8

SHA512
b5b7459e1feddf26f1b4eb0fad60cea5af94a85c394246c788c02d5b3a7d923b320f4534dfda51b5412f7d74fac9c428a5e5e0a992ab8c05a7d2061eedaf7a53

Download Submit
/data/data/app.EasyLogger/databases/com.google.android.datatransport.events

Filesize
40KB

MD5
15d5b92dcbda7ef7f9ca327a903e46e4

SHA1
ca153b66028a58d90346ff8abadbdf01b95c37b1

SHA256
e802fdc1ccd833b91d80bb1d8f54cab2b585393e6a07622c4d9feaab07633370

SHA512
2352f167ee5aa37cb3438a0a7df8f632771a1d019c5cd120fe62313fb73aed6d0e09186a9bf306a564371b846a8da020f6acd7aede0cc47ca50701611fa84aca

Download Submit
/data/data/app.EasyLogger/databases/com.google.android.datatransport.events-journal

Filesize
8KB

MD5
0f6aae7edc00626bd8d61aa8d5222190

SHA1
5e2c88c14238e7c9d0bf7a29ce05dd3c0b458437

SHA256
18cc7cec4d277666513fe5d3ff88449a607fc155e1bdaddd4bd6d0a8feb1d178

SHA512
76fa54f00066ecfdffab9e3a16b4cad98d2af4afd10d387382eb6c4378cf37a5671601e0bf95d06841dd9ba95d8d31aea282bddb7ba0f5c579ad8863f32d70ec

Download Submit
/data/data/app.EasyLogger/databases/com.google.android.datatransport.events-journal

Filesize
512B

MD5
8303c0abb5a64410e2b28665600d9f07

SHA1
6054a43b3ea7d6f58188ff4f2f9f65a645c61966

SHA256
37809716c41eb23e8fc2996b68dc7391f8411bbc9d69b29d68610b91d4a1b28e

SHA512
3f697d313806088d3ce1f92b030e44cd4b02b67ec2c07a91b592710103309c63b78f56cbb1ec5c3661397103df132918a0490ad2ee3344d8be03346c9ef9b7e0

Download Submit
/data/data/app.EasyLogger/databases/com.google.android.datatransport.events-journal

Filesize
8KB

MD5
1cfd9d7ef7bfe396e823891034919f7e

SHA1
7ef63da2498703df7c675962466f60e0ce42b8c3

SHA256
912d95e80db3d5d3d84426f9eeb115c5930a4891ac6cb168e121ad7a220c5e3b

SHA512
ae1e36e3749d792c7608e76c79a65957669e3cce58cb205e96035c80965968fa83aae1df132494e4ca01077fd7ba18f8c57abb08492ccdbe6133a209a2dfb7a3

Download Submit
/data/data/app.EasyLogger/databases/google_analytics_v4.db

Filesize
28KB

MD5
445bbcdba929821b638be6d7d63d0ff1

SHA1
44cad366d2a3b5dcfba5e2574c9816008098ac2d

SHA256
b5753f4707efe9dcff1b84a6536a93ff0843de201dbc0d1b0893b0a9f6c25f36

SHA512
b43edeff01ccb35b3ef512f0de404b79b9c316b19429a44b1e5b3f7ef0dfa2cb02e5cba5f99f2a98ecc484b07a2bdfbac83a56c9d0c3d789f6bfe7355c73fd35

Download Submit
/data/data/app.EasyLogger/databases/google_analytics_v4.db-journal

Filesize
512B

MD5
eb76ad260ec9593108266f7ffe840fea

SHA1
3ce0bd949072ddef5ea418cdbc0dd79b4a0d9820

SHA256
d12bf69cca6c50542d4e584bf8b9b5cb9ea7bfef2246b1f2f06f3e297be95b70

SHA512
df3942d504956c05dd79201549e1b08e10ab63772d317286e5be8d39605bff90c290e8d859862d5543f31228163d1b03ed075b61a5e74f5fe049d397545ca578

Download Submit
/data/data/app.EasyLogger/databases/google_analytics_v4.db-journal

Filesize
8KB

MD5
e764ce41e2f5726edaf427464e49d4dc

SHA1
d16e750dcf0610bc03e3944fee7dbc949f8424ce

SHA256
49f21b973ee6bdaeec8d02448d4ae6d92c2f6cc8c9a47ed1234be5a6588fbe14

SHA512
5336c94bc82b643abff17abc1cf3a16931b0b36f8e49acb6e0e3203544afd251dfa73c5eb11e73c93e9ad8fbb7e2d984a552e0b4ff385b40b26e268ea1ce1cf3

Download Submit
/data/data/app.EasyLogger/databases/google_analytics_v4.db-journal

Filesize
4KB

MD5
4b8043b9ff80aa92bf44275e1782eacb

SHA1
58dc0701db872916f1e2e61a19bf3ca85fed98c2

SHA256
ec5f0ab3dcf75faa49b18e83d880527dd8f23465912ebe948e1efc0ae241cca6

SHA512
2440011e13a2570e61a35194c55ee59b7f8d8f0523ffee84557acf23f9e23c91299742ec44fdad0c31960a5951ca18ec05909635cebb35a045ecd3f3c6fa08f3

Download Submit
/data/data/app.EasyLogger/databases/google_analytics_v4.db-journal

Filesize
8KB

MD5
943958c36fe6ed03d70a3239f1fc9dd4

SHA1
b8d30303ef454ad9c0748fbb1cef78f737229450

SHA256
af047cbb45dc0e16791318a942befd8537b68469125900e2227cb0e73ba74681

SHA512
ff8f1ce82be534f44d455194166129b568b74b0853720ab14613e94f032e1a10574379762d3a28738204a2c43e74240c74fae59bd351e8d7bdf8fbc05d44b16d

Download Submit
/data/data/app.EasyLogger/databases/google_analytics_v4.db-journal

Filesize
8KB

MD5
a45214392f5d9d141f02383934e963f5

SHA1
370945256c932a94f0691856ec813bffefbb02de

SHA256
a74b73bc863139621d6d503bb2474e881f83f10c745c4eed2b35717ccb5b48cb

SHA512
4dd56ceedba38cbcea134a13c98e7d99faba9d6300e7e6c6eb97f4b90eede6f63e80d2dfd23a32c3d8a1d3bd95746446c44fb11e20ee42e1f437ea22dc9e8023

Download Submit
/data/data/app.EasyLogger/databases/google_analytics_v4.db-journal

Filesize
12KB

MD5
6e6f16b1988d3ca9f20533c84cba0842

SHA1
fdece4476f42c0c5e13e81dc1c15a03c4285a66b

SHA256
3c2c986a570e829ad21c3eb4f31c9a8a374e2f31fb39580d2f0572bff820c877

SHA512
bea1c992bc70c46fdb2034bbb3234c13eb68fe00e63e6becb73eda307960a90f3cd465f6e365601cf9c51d4d8599723554860146d285dccc54e62476aa882476

Download Submit
/data/data/app.EasyLogger/databases/google_app_measurement_local.db

Filesize
16KB

MD5
eb52a90bb70b76e946b62f50b6f7fb85

SHA1
42d767b5d1faa7dcef4cb4e1432a5f47ec2e9ee0

SHA256
48472f593a3e9cf9e91ee5f7d66dd9ff291bfb247eb6b46778c710fc24e8d3c4

SHA512
b356c858cadd14b6ecddf134f1c494c0107a1d36be9387984fc53dcb00e6779d944f058f4ac99d0fc2fe3a427cd1c2921c6fc38ecad53909fc4b5b6f04459b5c

Download Submit
/data/data/app.EasyLogger/databases/google_app_measurement_local.db

Filesize
16KB

MD5
8a05681cb23228c4cd66dd94d9a44fcf

SHA1
942b3c94e267477055c14884952d2d3ca381ec98

SHA256
750966841071a278c6efae7783c58c1bfddd342a4694461e90ba67d09c624544

SHA512
c7525061c25616151516c47e9fdc8270593818e0052ae4a700212e1580eb21a7745e1f4e5bd3754546117f50630009f8b6ac688db248c1ed1b02a26cda254416

Download Submit
/data/data/app.EasyLogger/databases/google_app_measurement_local.db

Filesize
16KB

MD5
807f2d776bccc2118327edef8d8bbae4

SHA1
0aa80339f8b0d4ed4ea615d33ad68bbeecb5443e

SHA256
100fd1216a8474928fd5c02508a09797512c045715024df7a663e9d1d7bc8a97

SHA512
413b7224ed99a2f5421aa0f11f51e1cbcbbe629d2415158f4ac3aec9e2d07176cc55bac7f3e987e2705bbae0125fe6e84e17d14c820e56aa1eea349cea2b188d

Download Submit
/data/data/app.EasyLogger/databases/google_app_measurement_local.db

Filesize
16KB

MD5
35c2dfc2e9f5a8ae7d47bcf21f7db019

SHA1
7b27c52e84f745efab8ff4944a09614fe9b3efb3

SHA256
251423ef564b80a395877824f85c16e5a4d9ee739c7150760b375b7e9eca69b9

SHA512
fa913c193a3aaed660b3f8693291454847f73a850977175d8e864fe70415e791006d87a704dd8bb51ff641a8274d683fea4e490580947bec82c141045c7ecfec

Download Submit
/data/data/app.EasyLogger/databases/google_app_measurement_local.db

Filesize
16KB

MD5
3279fe762a0d2466448d10da3f850781

SHA1
698af50065fc17fa32d521bccdef11b579053011

SHA256
a0c3495248103cfe9eb9c4f92f90fc85d48acd1f58019b623083d64d67fc4179

SHA512
383437defbfb0d7a70bfc5fac9ddcd8f323f8371949b78d5aac85cddb1336d448300459a41ce7ba0be7993f9f0074c9a9806dd0c3e15862c7e98c60cc564a522

Download Submit
/data/data/app.EasyLogger/databases/google_app_measurement_local.db-journal

Filesize
512B

MD5
60a744d32ff1beb1857e82f7bff8d3b6

SHA1
6c9f0e7ccbdc4ab4b734e22aca671eba14528258

SHA256
702d2034a199769b4ce3387a7d7c5087d12a26b529e0c8c557678b6a445128a2

SHA512
5e46b56fef5874ddcc625fe66093283301ee8df389e69fa2bf1e858ca63a831b7494ae3077603496dbd8e44572d48da08698f1eb728653126f74354181981bac

Download Submit
/data/data/app.EasyLogger/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
e675d292ab2ab8f84dd151be1370a69c

SHA1
7eb67e07d6ab8506e9885228832f64e59236f59e

SHA256
6120ff0d33870abfd93dd8d6c785908db6d9c3c9aea91f90c9d531a084c88359

SHA512
1c64b5098f25e010f3830713fb6f304ca4a9879d35b58dcdd2d85e81bbf928b51b3adfa41296784baff613e5f9afbc25313c8063a11a80dded4867fc23abd594

Download Submit
/data/data/app.EasyLogger/databases/google_app_measurement_local.db-journal

Filesize
4KB

MD5
25b11027e734c8ed952511919157284d

SHA1
d510b0a19f8d323995b6d1fbae0a881e2ccddbad

SHA256
f8f1b1652791e0a11f4fb0017c1b5ee95b198a9ea4e92d3a5aa20e475c55b3b0

SHA512
1301179930cecf6517b3fb217c9e7654f91c26aced05457c730f054375b3273e8fbfaeec8bab447cb90dd9cce832950b3f4d646d61d78f236a5214abefa2683a

Download Submit
/data/data/app.EasyLogger/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
0e234f4c3e26c594b6cf4a3fa0f10e1a

SHA1
3a87f8d894937009ae0530bb156a53bc8c71db79

SHA256
68387b1d698de2f2e50a12fb8edb81580ae505b82c602b9535ebf6dab54a7290

SHA512
c2c28a006f4d8111c90aea0cecc55bdb77c4799aa1e307eed4d4310ba3c5c5791ac9bd651aa46eb48f17e1162fbf4dc064648d62b2b3e8da9bb800254763dcfc

Download Submit
/data/data/app.EasyLogger/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
d3e43c0486a5fe51ac3cc2ca79d35aa6

SHA1
a6aa7b833cd4137290918de893f8c8518882c222

SHA256
b854e1497517e537cf16a514cb4d88eddb937ce170a923e77a55690d2ad5974f

SHA512
24dfc5b51040377b7bfca7b43bc55ea3e69bc8d665cf8a7f973b3612942aee8204bda47ebedbfc4da37e71e0887ac6aa90be2c4fcafb58a12d8f56c31a5da040

Download Submit
/data/data/app.EasyLogger/databases/google_app_measurement_local.db-journal

Filesize
8KB

MD5
84365915800013b29793bc372d99c80a

SHA1
a228f77b13c8a75488e5e3156d45cbea42f3e587

SHA256
47896658bfb0c1ca5a49522c903226099231af899555caf9860a22dd2983a82a

SHA512
dbe02114e346ad6ddb45541dbe6e79d35dbc8b838ab107a98d2e3bff34cdc7fd336bb1cef85ce091d253bfbaff93b9ced2b6b4b23d707407402bc16c109a75c5

Download Submit
/data/data/app.EasyLogger/files/.com.google.firebase.crashlytics/com.crashlytics.settings.json

Filesize
710B

MD5
522a19bd5feffadcc3e3702f689f2c92

SHA1
7723264e9e4bd941686d0cb40549644a2dec9a9c

SHA256
23d4ed0b9658be263f7672cc5d8fb84e8f6ae78686338d6d67063cfea95ee92a

SHA512
4d577cf3a0c7404b90f61552f2275c1ac851e4a85ab5d773616bb6b99708218aed83a673f5044f7f5285804afaed38c5b19597b0f26cfc1a2218fd7cc686ddbe

Download Submit
/data/data/app.EasyLogger/files/.com.google.firebase.crashlytics/log-files/crashlytics-userlog-661F2C9002EE000113E25B272B1F2A45.temp.tmp

Filesize
16B

MD5
c33583fae4e0b61cde1c5b9227963237

SHA1
fe2ebe4d27469af1460f7e852031a04208ef629b

SHA256
35c6d6e5b93657e4a741a1cec71c21813fe05aab219909ebbb0f62fb0ae648dc

SHA512
fa09047004bec791b23f0dade0b64f8ab9bbd67555505e0d0818f6e89dfe56f474df80db0786d081d36adf23a5bacea40275ba043444a3a85d3d9612575bdd1e

Download Submit
/data/data/app.EasyLogger/files/.com.google.firebase.crashlytics/report-persistence/sessions/661F2C9002EE000113E25B272B1F2A45/report

Filesize
733B

MD5
2dcf3db76eb4ea405a7a2e47357d8433

SHA1
04008ae44466ce8380e77f786bfd74a73861a665

SHA256
792260f00b9562dc1bd49768291a80f0d42e6724ec656cedd106ecdb6c327a0b

SHA512
e36ac60820ba3e46ab3959420e76b985969502f0e9239ccdb0f2e922c617de4a8760e1218e99d2224c1e0f47b38e80aaf4cdb5c782ae3b2babe5b88836a02d28

Download Submit
/data/data/app.EasyLogger/files/PersistedInstallation3885445677571246032tmp

Filesize
563B

MD5
6b96ad520d2cad6dd2f2b8426d66d29e

SHA1
c3898a1b88c6664ff40c395f2eeaa87d6c0c847b

SHA256
7aae41b6c4979bf7a61b5c408ef23f3b2602999e8f706d6ac5eb592ca9020c6a

SHA512
e6e247e79bbba0f95e447bcf2a6deccfb876159bd7f80494fe5e63ad0b7e260aa51114ded84e3d2e0a53f17987d95852237b58c6a28d528bc9460450e5f9009f

Download Submit
/data/data/app.EasyLogger/files/PersistedInstallation5791629662519682248tmp

Filesize
90B

MD5
ded17d7737426411347f613cc240f563

SHA1
72604bbe51ca1d65070cfcc8bd1c02384afbdefa

SHA256
e158a0c637c8e83b92cd5b98be4aef7d6183b210613feba5e15c00f7db517078

SHA512
a118e853af3e26fbcdbe86ddc2552eb97b769c6cb7e4e4084915216edb94f9a63041d34ab3ae6a8027ab703b538fb29470bc739a090667fa3ed96122f9516166

Download Submit
/data/data/app.EasyLogger/files/gaClientId

Filesize
36B

MD5
2d6819967b3b602bf421f5974bef14bb

SHA1
c32aa4dca40642d39f0aa681b0b6121d363cd2c0

SHA256
aba103b05ffe3bb909c94abd1864321990a27156b63200694e1126b3efe22013

SHA512
c5f0beaf1c476247e101566ff2526cd45e8ac470572b2080695e826e0c4af25ccc90b412675c32621af0bb235fc5dd570f374ee63023fa24c5563c1a34df65dc

Download Submit
/data/data/app.EasyLogger/no_backup/androidx.work.workdb

Filesize
4KB

MD5
f2b4b0190b9f384ca885f0c8c9b14700

SHA1
934ff2646757b5b6e7f20f6a0aa76c7f995d9361

SHA256
0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

SHA512
ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

Download Submit
/data/data/app.EasyLogger/no_backup/androidx.work.workdb-journal

Filesize
512B

MD5
83a1e591a3c40baaf278d6496145d2d1

SHA1
af9088a843621d20aae59a161eb5c73547c91cee

SHA256
10e187a2169086b8797eefbbdcfde21d513f6b17a9b6240a0bccceed343e0ff1

SHA512
9d5dad132f34bd9c168f901cb04ac2422f3f0fdd007e97616548e0ba0332b68e5253cbc019a1763786ad00773de3adffffd03849581839a2c8b04f538a85fbd9

Download Submit
/data/data/app.EasyLogger/no_backup/androidx.work.workdb-shm

Filesize
32KB

MD5
bb7df04e1b0a2570657527a7e108ae23

SHA1
5188431849b4613152fd7bdba6a3ff0a4fd6424b

SHA256
c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479

SHA512
768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

Download Submit
/data/data/app.EasyLogger/no_backup/androidx.work.workdb-wal

Filesize
16KB

MD5
803e5c17285f70cf95b6086cd9c60964

SHA1
3fbe51f4ed9cc84d8181398e6051f49071b3680a

SHA256
ebcb5c48d432ddeabf9f730ca0ba45356e5201a7471c17b191f8db6acd3759e7

SHA512
48702883f2600ac1b5efbcaca40832bc7ad4e665a5e4e160d12fa7f3d4f49715680b3c66dd7708740302fc9da1bfb9a0fef670eeae73db816df8557f58a65ace

Download Submit
/data/data/app.EasyLogger/no_backup/androidx.work.workdb-wal

Filesize
108KB

MD5
95387c462938f50e6aa90b9ead89da36

SHA1
d2cd1f3f3a9ff53234778e104c3c8cbe50e0b47e

SHA256
5a5e4ec3dc7007bf1bf2cde390aa23ede384e8c7a452ac870fa033d27fbf0c47

SHA512
21ac5bdfc55bbe77dd0d0ed8f9f44ce630f31511b8398c112b4711cc5ffc72a2bda3e280d180e45d29e8d2938ec8a67c738e038516137d3011fb50d0629da2f6

Download Submit